Defguard Implementation for Remote Access Management Using WireGuard VPN at PT. Esta Dana Ventura
Abstract
This study examines the development and deployment of a remote access management system by integrating Defguard with the WireGuard VPN at PT. Esta Dana Ventura. The company previously faced unstable connections and inefficient user administration due to the limitations of its MikroTik-based PPTP and L2TP VPN solutions. To overcome these challenges, a new architecture was designed using WireGuard for its lightweight performance and Defguard for centralized and streamlined access control. The system was implemented within a Docker environment and evaluated using key performance indicators such as latency, throughput, packet loss, and connection stability across multiple internet service providers. The results demonstrated that the WireGuard-based configuration delivered lower latency, zero packet loss, and secure connections without DNS leakage, while token-based authentication significantly simplified user management. Overall, the new system enhanced connection reliability, improved security, and provided scalable remote access for geographically distributed users, making it an effective replacement for the legacy VPN infrastructure.
Downloads
References
J. Lavelle, “Shifting Some Employees to Remote Work Permanently,” 2020.
D. F. Priambodo, Amiruddin, and N. Trianto, “Hardening a Work from Home Network with Wireguard and Suricata,” in Proceedings - 2nd International Conference on Computer Science and Engineering: The Effects of the Digital World After Pandemic (EDWAP), IC2SE 2021, 2021, pp. 1–4. doi: 10.1109/IC2SE52832.2021.9791983.
B. Schneier, Applied Cryptography, vol. 1, no. [32. John Wiley & Sons, 1996. doi: 10.1.1.99.2838.
S. M. Zohaib, S. M. Sajjad, Z. Iqbal, M. Yousaf, M. Haseeb, and Z. Muhammad, “Zero Trust VPN (ZT-VPN): A Systematic Literature Review and Cybersecurity Framework for Hybrid and Remote Work,” Information (Switzerland), vol. 15, no. 11, pp. 1–25, 2024, doi: 10.3390/info15110734.
S. Mackey, I. Mihov, A. Nosenko, F. Vega, and Y. Cheng, “A performance comparison of WireGuard and OpenVPN,” in Proceedings of the Tenth ACM Conference on data and application security and privacy, 2020, pp. 162–164.
E. Barker, Q. Dang, F. Sheila, K. Scarfone, and P. Wouters, “Guide to IPsec VPNs,” Special Publication (Nist SP) - 800-77r1, p. 166, 2020, [Online]. Available: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-77r1.pdf%0Ahttp://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-77.pdf
J. A. Donenfeld, “WireGuard: Next Generation Kernel Network Tunnel,” 24th Annual Network and Distributed System Security Symposium, NDSS 2017, pp. 1–20, 2017, doi: 10.14722/ndss.2017.23160.
B. Dowling and K. G. Paterson, “A cryptographic analysis of the WireGuard protocol,” in International Conference on Applied Cryptography and Network Security, 2018, pp. 3–21.
B. Schneier, Applied Cryptography, vol. 1, no. [32. John Wiley & Sons, 1996. doi: 10.1.1.99.2838.
D. F. Priambodo, Amiruddin, and N. Trianto, “Hardening a Work from Home Network with Wireguard and Suricata,” in Proceedings - 2nd International Conference on Computer Science and Engineering: The Effects of the Digital World After Pandemic (EDWAP), IC2SE 2021, 2021, pp. 1–4. doi: 10.1109/IC2SE52832.2021.9791983.
V. Kumar and A. Bhardwaj, “Identity Management Systems,” International Journal of Strategic Decision Sciences, vol. 9, no. 1, pp. 63–78, 2018, doi: 10.4018/ijsds.2018010105.
J. Anderson, “The Role of Identity and Access Management (IAM) in Securing Cloud Workloads,” 2022.
“Introduction | defguard,” 2025. [Online]. Available: https://docs.defguard.net/
ETSI, “Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); General aspects of Quality of Service (QoS),” Etsi Tr 101 329 V2.1.1, vol. 1, pp. 1–37, 2020.
O. Bartunov, “What is PostgreSQL.”
D. Merkel, “Docker : Lightweight Linux Containers for Consistent Development and Deployment Docker : a Little Background Under the Hood,” Linux Journal, vol. 2014, no. 239, pp. 2–7, 2014, [Online]. Available: http://delivery.acm.org.ezproxy.library.wisc.edu/10.1145/2610000/2600241/11600.html?ip=128.104.46.196&id=2600241&acc=ACTIVE SERVICE&key=066E7B0AFE2DCD37.066E7B0AFE2DCD37.4D4702B0C3E38B35.4D4702B0C3E38B35&__acm__=1557803890_216b4a0168a6b29b8f2e7a74
D. Aivaliotis, Mastering Nginx. 2013. [Online]. Available: https://www.packtpub.com/networking-and-servers/mastering-nginx
“Architecture | defguard,” 2025. [Online]. Available: https://docs.defguard.net/in-depth/architecture
A. V Ostroukh, C. B. Pronin, A. A. Podberezkin, J. V Podberezkina, and A. M. Volkov, “Enhancing Corporate Network Security and Performance: A Comprehensive Evaluation of WireGuard as a Next-Generation VPN Solution,” in 2024 Systems of Signal Synchronization, Generating and Processing in Telecommunications (SYNCHROINFO), 2024, pp. 1–5. doi: 10.1109/SYNCHROINFO61835.2024.10617501.
X. Wang, H. Zhao, and J. Zhu, “GRPC: A communication cooperation mechanism in distributed systems,” ACM SIGOPS Operating Systems Review, vol. 27, no. 3, pp. 75–86, 1993.
A. Basri and B. Yuliadi, “Wireless Network Bandwidth Quality Measurement Using Qos Standard Tiphon,” PIKSEL: Penelitian Ilmu Komputer Sistem Embedded and Logic, vol. 11, no. 2, pp. 283–292, 2023.
ETSI, “Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); General aspects of Quality of Service (QoS),” Etsi Tr 101 329 V2.1.1, vol. 1, pp. 1–37, 2020.
“30 Network Performance Metrics to Measure Network Health.” [Online]. Available: https://research.aimultiple.com/network-performance-metrics/
S. Kent and K. Seo, “RFC 4301: Security Architecture for the Internet Protocol,” 2005, RFC Editor, USA.
B. Schneier and Mudge, “Cryptanalysis of Microsoft’s Point-to-Point Tunneling Protocol (PPTP),” Proceedings of the ACM Conference on Computer and Communications Security, pp. 132–141, 1998, doi: 10.1145/288090.288119.
P. Arora, P. R. Vemuganti, and P. Allani, “Comparison of VPN Protocols – IPSec , PPTP , and L2TP,” vol. ECE 646, no. Fall (2021), pp. 1–45, 2021, [Online]. Available: https://ece.gmu.edu/coursewebpages/ECE/ECE646/F09/project/reports_2001/arveal.pdf
D. C. Montgomery, Design and analysis of experiments. John wiley & sons, 2017.
Copyright (c) 2025 Ervan Jefferson Bany, Muhamad Hadi Arfian
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
This is an open-access article distributed under the terms of the Creative Commons Attribution-ShareAlike 4.0 International License which permits unrestricted use, distribution, and reproduction in any medium. Users are allowed to read, download, copy, distribute, search, or link to full-text articles in this journal without asking by giving appropriate credit, provide a link to the license, and indicate if changes were made. All of the remix, transform, or build upon the material must distribute the contributions under the same license as the original.
